EC commissioner:‘We must all team up to put GDPR into practice’

SMEs will only have to appoint a data protection officer (DPO) if processing is their main business and it poses specific threats to the individual’s rights and freedoms

Andrus Ansip, European Commission vice-president for the digital single market, and Vĕra Jourová, European commissioner for justice, consumers and gender equality

As of May 25, 2018, the new general data protection regulation (GDPR) comes into force. The new laws will apply across the board: to companies or entities which process personal data in any of their branches within the EU; to companies outside the EU offering goods or services (whether free or at a cost); and to those monitoring the behaviour of individuals living in the EU.

SMEs which process personal data will also ...